Understanding Subnetting
A comprehensive guide to dividing networks for efficiency, security, and organization.
Introduction to IP Addressing & Networks
Before we explore subnetting, it's essential to understand the basics of IP addresses and computer networks. An IP address (Internet Protocol address) is a unique numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. An IPv4 address, which we'll focus on, is a 32-bit number, typically expressed in a human-readable "dotted-decimal" format (e.g., 192.168.1.10). This address serves two main purposes: identifying the host (a specific device like a computer or server) and identifying the network it belongs to.
A computer network is a group of two or more interconnected devices that can communicate with each other and share resources. For devices to communicate effectively, they need a way to be uniquely identified and located, which is where IP addresses come in. Large networks can become congested and difficult to manage. This is where subnetting becomes a valuable technique.
- ✓ Understand what subnetting is and its core purpose.
- ✓ Learn the benefits of subnetting, including improved organization and security.
- ✓ Grasp how IP addresses, subnet masks, and binary numbers relate to subnetting.
- ✓ Be able to calculate new subnet masks, the number of subnets, and hosts per subnet.
- ✓ Use an interactive tool to explore subnetting scenarios.
What is Subnetting?
Subnetting is the process of dividing a single, large physical network into multiple smaller, logical networks called subnets (a subnetwork is a logical subdivision of an IP network). Think of it like taking a large office building (the main network) and dividing it into different departments (the subnets). Each department has its own designated space and resources, but they are all still part of the larger building.
Technically, subnetting involves borrowing bits from the host portion of an IP address (the part that identifies a specific device on a network) and using them to create a subnet identifier (the part of the address, created by subnetting, that identifies a specific subnet within the larger network). This allows a single network address (like 192.168.1.0/24) to be split into, for example, four smaller networks, each with its own range of IP addresses.
A large network divided into smaller, manageable subnets.
Why Subnet? The Benefits
Subnetting offers several significant advantages for network administrators:
Improved Organization
Dividing a network into smaller subnets makes it easier to manage. You can group devices by department (e.g., Sales, Engineering), function, or geographical location, simplifying administration and troubleshooting.
Enhanced Security
Subnets allow for network segmentation. You can implement specific security policies (like firewall rules) for each subnet, isolating sensitive data or systems. If one subnet is compromised, the others may remain secure.
Reduced Network Congestion
Broadcast traffic (network traffic sent from one point to all other points on the network simultaneously) is contained within its own subnet. In a large, flat network, broadcasts can consume significant bandwidth. Subnetting limits the scope of broadcasts, improving overall network performance.
Efficient IP Address Utilization
Subnetting allows administrators to allocate IP address blocks more precisely according to the needs of each segment, preventing wastage of IP addresses. This is particularly important with the limited availability of IPv4 addresses.
The Building Blocks
IP Addresses in Binary
An IPv4 address is a 32-bit number. These 32 bits are grouped into four 8-bit segments called octets. Each octet can represent a decimal number from 0 to 255. While we usually see IP addresses in dotted-decimal notation (e.g., 192.168.1.10), computers process them in binary.
For example, the IP address 192.168.1.10 in binary is:
Decimal: 192 . 168 . 1 . 10
Binary: 11000000.10101000.00000001.00001010
Understanding this binary representation is crucial for subnetting, as subnetting involves manipulating these bits.
Visualizing an IP Address (32 bits)
Each block is an 8-bit octet.
Subnet Masks
A subnet mask is also a 32-bit number used in conjunction with an IP address. Its purpose is to distinguish the network portion of the address (the part that identifies the network) from the host portion (the part that identifies a specific device on that network). In a subnet mask, all bits representing the network (and subnet, if applicable) are set to '1', and all bits representing the host are set to '0'.
For example, a common subnet mask is 255.255.255.0. In binary, this is:
Decimal: 255 . 255 . 255 . 0
Binary: 11111111.11111111.11111111.00000000
When an IP address is combined with a subnet mask using a logical AND operation (a bitwise operation where the result is 1 only if both corresponding bits are 1, and 0 otherwise), the result is the network address.
Default Subnet Masks (Classful)
Historically, IP addresses were divided into classes, each with a default subnet mask:
- Class A: 255.0.0.0 (11111111.00000000.00000000.00000000) - First 8 bits for network.
- Class B: 255.255.0.0 (11111111.11111111.00000000.00000000) - First 16 bits for network.
- Class C: 255.255.255.0 (11111111.11111111.11111111.00000000) - First 24 bits for network.
While classful addressing is largely superseded by CIDR, understanding these helps grasp the concept of network vs. host bits.
Network ID & Host ID
As mentioned, the subnet mask helps separate an IP address into two parts:
- Network ID (or Network Address): The portion of the IP address that identifies the specific network or subnet. All devices on the same network/subnet share the same Network ID. This address has all host bits set to 0. It's used in routing tables.
- Host ID (or Host Address): The portion of the IP address that uniquely identifies a specific device (host) on that network/subnet.
Let's take IP 192.168.1.10 with subnet mask 255.255.255.0:
IP Address:  11000000.10101000.00000001.00001010 (192.168.1.10)
Subnet Mask: 11111111.11111111.11111111.00000000 (255.255.255.0)
----------------------------------------------------------------- AND Operation
Network ID:  11000000.10101000.00000001.00000000 (192.168.1.0)
Host ID:                               .00001010 (Host .10 on network 192.168.1.0)
Here, 192.168.1 is the network portion, and .10 is the host portion. The Network ID is 192.168.1.0.
Visual Breakdown
For IP 192.168.1.10 with mask 255.255.255.0 (/24):
How Subnetting Works
The Core Idea: Borrowing Bits
Subnetting is achieved by "borrowing" bits from the host portion of an IP address and designating them as subnet bits (bits taken from the host portion of an IP address to create subnetwork identifiers). These borrowed bits extend the network portion of the address, effectively creating new, smaller network segments (subnets) within the original network.
Imagine an IP address structure like this (N = Network bit, H = Host bit):
If we borrow, say, 2 bits from the host portion for subnetting (S = Subnet bit):
The original 8 host bits are now split: 2 bits for identifying subnets, and 6 bits remaining for identifying hosts within each subnet.
Visualizing Bit Borrowing
Original /24 network (e.g., 192.168.1.0/24):
After borrowing 3 bits for subnets (new /27 network):
Calculating the New Subnet Mask
When bits are borrowed from the host portion, the subnet mask must be updated to reflect this. The borrowed bits, which were '0's in the original mask (representing host bits), become '1's in the new subnet mask (now representing network/subnet bits).
Example: Original mask 255.255.255.0 (/24)
If we borrow 2 bits from the host portion (the first two '0's in the last octet):
Converting this new binary mask back to dotted-decimal:
- 11111111 = 255
- 11111111 = 255
- 11111111 = 255
- 11000000 = 128 + 64 = 192
So, the new subnet mask is 255.255.255.192. This is also represented as /26 in CIDR notation (24 original network bits + 2 borrowed subnet bits = 26 total network/subnet bits).
Calculating Number of Subnets and Hosts
The number of borrowed bits directly determines how many subnets can be created and how many hosts can be on each subnet.
- Number of Subnets: If you borrow 's' bits for subnets, you can create 2^s subnets.
  Example: Borrowing 2 bits (s=2) creates 2^2 = 4 subnets. Borrowing 3 bits (s=3) creates 2^3 = 8 subnets.
- Number of Hosts per Subnet: If 'h' bits remain for the host portion after borrowing, each subnet can have 2^h - 2 usable host addresses.
  We subtract 2 because one address is reserved for the Network ID (all host bits are 0) and one for the Broadcast Address (all host bits are 1), the last address in the subnet range, which is used to send data to all hosts on that subnet. These two addresses cannot be assigned to individual devices.
  Example: If 6 bits remain for hosts (h=6), each subnet has 2^6 - 2 = 64 - 2 = 62 usable host addresses.
There's a trade-off: the more bits you borrow for subnets, the more subnets you get, but the fewer hosts each subnet can support.
CIDR Notation (Classless Inter-Domain Routing)
CIDR notation is a more flexible way to represent network masks. It's written as the IP address followed by a slash and the number of bits in the network portion of the address (including any subnet bits). This number is called the "prefix length".
- 255.0.0.0 is /8 (8 network bits)
- 255.255.0.0 is /16 (16 network bits)
- 255.255.255.0 is /24 (24 network bits)
- 255.255.255.192 (from our earlier example where we borrowed 2 bits from a /24 network) is /26 (24 + 2 = 26 network/subnet bits).
CIDR allows for variable length subnet masking (VLSM), making IP address allocation much more efficient than the old classful system.
Interactive Subnetting Explorer
Use this tool to see how borrowing bits affects a network. Enter a base network IP, its original CIDR prefix, and then adjust the number of bits to borrow for subnetting.
Step-by-Step Example
Let's walk through an example: Subnet the network 172.16.0.0/16 to create at least 10 subnets.
Original Network: 172.16.0.0
Original Subnet Mask: /16 which is 255.255.0.0
Binary Mask: 11111111.11111111.00000000.00000000
Number of host bits available: 32 - 16 = 16 host bits.
We need at least 10 subnets. We use the formula 2^s ≥ desired subnets.
2^1 = 2 (not enough)
2^2 = 4 (not enough)
2^3 = 8 (not enough)
2^4 = 16 (enough!)
So, we need to borrow s = 4 bits from the host portion.
Original CIDR: /16. Borrowed bits: 4.
New CIDR prefix: 16 + 4 = /20.
Original mask (binary): 11111111.11111111.00000000.00000000
New mask (binary, borrowing 4 bits from 3rd octet): 11111111.11111111.11110000.00000000
The third octet 11110000 is 240 in decimal.
New Subnet Mask: 255.255.240.0
Number of subnets: 2^s = 2^4 = 16 subnets.
Remaining host bits (h): Original host bits (16) - borrowed bits (4) = 12 host bits.
Number of usable hosts per subnet: 2^h - 2 = 2^12 - 2 = 4096 - 2 = 4094 hosts per subnet.
The "interesting" octet is the third one, where bits were borrowed. The increment value for this octet is 256 - new mask value in that octet = 256 - 240 = 16. So, subnets will increment by 16 in the third octet.
- Subnet 1: Network ID: 172.16.0.0/20, Range: 172.16.0.1 - 172.16.15.254, Broadcast: 172.16.15.255
- Subnet 2: Network ID: 172.16.16.0/20, Range: 172.16.16.1 - 172.16.31.254, Broadcast: 172.16.31.255
- Subnet 3: Network ID: 172.16.32.0/20, Range: 172.16.32.1 - 172.16.47.254, Broadcast: 172.16.47.255
- ...and so on for 16 subnets.
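The procedure above (choose s, derive the new mask, count hosts, list each subnet's range and broadcast address) can be checked in code. This is an added example, not part of the original page; the function name plan_subnets and its return layout are assumptions made for illustration, and it generalizes the walkthrough to any IPv4 base network.

```python
import ipaddress


def plan_subnets(base_cidr, needed_subnets):
    """Split base_cidr into equal subnets, borrowing the fewest host bits
    s such that 2^s >= needed_subnets (the procedure in the walkthrough)."""
    base = ipaddress.IPv4Network(base_cidr)        # rejects a base with host bits set
    if needed_subnets < 1:
        raise ValueError("needed_subnets must be at least 1")
    s = (needed_subnets - 1).bit_length()          # smallest s with 2^s >= n
    new_prefix = base.prefixlen + s
    host_bits = 32 - new_prefix                    # h in the page's formula
    if host_bits < 2:
        raise ValueError("too few host bits left for usable addresses")

    mask_int = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF  # ones, then h zeros
    block = 1 << host_bits                         # addresses per subnet, 2^h
    base_int = int(base.network_address)

    subnets = []
    for i in range(1 << s):
        net = base_int + i * block                 # Network ID: host bits all 0
        bcast = net | (block - 1)                  # Broadcast: host bits all 1
        subnets.append({
            "network": f"{ipaddress.IPv4Address(net)}/{new_prefix}",
            "first": str(ipaddress.IPv4Address(net + 1)),
            "last": str(ipaddress.IPv4Address(bcast - 1)),
            "broadcast": str(ipaddress.IPv4Address(bcast)),
        })
    return {
        "borrowed_bits": s,
        "prefix": new_prefix,
        "mask": str(ipaddress.IPv4Address(mask_int)),
        "usable_hosts": block - 2,                 # 2^h - 2
        "subnets": subnets,
    }


if __name__ == "__main__":
    plan = plan_subnets("172.16.0.0/16", 10)       # the page's worked example
    print(plan["mask"], f"/{plan['prefix']}", plan["usable_hosts"], "hosts each")
    for sn in plan["subnets"][:3]:
        print(sn["network"], sn["first"], "-", sn["last"], "broadcast", sn["broadcast"])
```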
Visualizing Subnetted Networks
A router is typically used to connect different subnets. Each interface on the router connected to a subnet will have an IP address from that subnet's range and will act as the default gateway for devices on that subnet.
Diagram: a router connected to four /26 subnets.
- Subnet A: 192.168.1.0/26, Gateway: 192.168.1.1. Devices: PC 1 (192.168.1.10), Printer (192.168.1.11)
- Subnet B: 192.168.1.64/26, Gateway: 192.168.1.65. Devices: Server (192.168.1.70)
- Subnet C: 192.168.1.128/26, Gateway: 192.168.1.129. Devices: Laptop (192.168.1.135)
- Subnet D: 192.168.1.192/26, Gateway: 192.168.1.193
In this diagram, a single /24 network has been subnetted into four /26 subnets. The router facilitates communication between these subnets and with the external internet.
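The segmentation benefit can be made concrete with the AND operation: two hosts with the same Network ID talk directly on their segment, while hosts with different Network IDs must go through the router, which is where per-subnet firewall rules can be applied. The following is an added example, not part of the original page; the function names are assumptions, and the host addresses are the ones shown in the diagram.

```python
import ipaddress

# Hosts from the diagram above.
HOSTS = {
    "PC 1": "192.168.1.10",
    "Printer": "192.168.1.11",
    "Server": "192.168.1.70",
    "Laptop": "192.168.1.135",
}


def network_id(ip, mask):
    """Network ID = IP AND mask, computed on the 32-bit integer forms."""
    ip_int = int(ipaddress.IPv4Address(ip))
    mask_int = int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(ip_int & mask_int))


def flow_path(src, dst, mask):
    """'local' if both hosts share a Network ID (traffic stays on the
    segment), 'routed' if it has to cross the router between subnets."""
    same = network_id(src, mask) == network_id(dst, mask)
    return "local" if same else "routed"


def routed_pairs(hosts, mask):
    """Host pairs whose traffic crosses the router and can be filtered there."""
    names = sorted(hosts)
    return [(a, b)
            for i, a in enumerate(names)
            for b in names[i + 1:]
            if flow_path(hosts[a], hosts[b], mask) == "routed"]


if __name__ == "__main__":
    for label, mask in (("/24 (flat)", "255.255.255.0"),
                        ("/26 (subnetted)", "255.255.255.192")):
        pairs = routed_pairs(HOSTS, mask)
        print(f"{label}: {len(pairs)} host pairs pass through the router")
        for a, b in pairs:
            print(f"  {a} <-> {b}")
```

With the original /24 mask every pair is local, so no router rule ever sees that traffic; with the /26 mask only PC 1 and the Printer remain on the same segment.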
Conclusion
Subnetting is a fundamental networking concept that allows for the logical division of a larger network into smaller, more manageable segments. By borrowing bits from the host portion of an IP address, administrators can create multiple subnets, each with its own unique network ID.
The key benefits of subnetting include improved network organization, enhanced security through segmentation, reduced network congestion by limiting broadcast domains, and more efficient use of IP addresses. Understanding binary arithmetic, subnet masks, and CIDR notation is crucial for mastering subnetting.
While it might seem complex at first, practicing with examples and using tools like the interactive explorer can greatly aid in understanding how subnetting works and how to apply it effectively in real-world network design.